Five individuals have been arrested in connection with a syndicate that hacked and stole 400 million personal data records of Malaysians, which were then sold on the Dark Web.
Bukit Aman’s Commercial Crime Investigation Department (CCID) director, Datuk Seri Ramli Mohamed Yoosuf, revealed that the suspects, aged 34 to 52, were apprehended during “Op Kapas” on 5 September 2024, according to Bernama.
The group consists of four locals and one Pakistani national, who is believed to be the mastermind.
The syndicate stole data such as names, identity card numbers, bank details, and mobile numbers from various companies by hacking their systems.
This information was uploaded to a portal called Query Smart Search, where access was rented out for RM200 to RM800 per month or sold for RM1.50 to RM2 per record.
The activity was detected by CyberSecurity Malaysia through the monitoring of a website, dataserver1.mypsx.net, containing user information believed to be registered with various companies and agencies.
Most of the buyers were unlicensed debt collection companies, and authorities believe other syndicates may have used the stolen data.
The Pakistani national was charged under the Personal Data Protection Act, while the other suspects were released on bail.
What is Dark Web?
The dark web is a concealed segment of the internet that is not indexed by standard search engines and can be accessed via specialised browsers such as Tor.
It’s a hub for both lawful and unlawful activities, providing anonymity but also presenting dangers such as scams and illegal content.